sergiotarxz/Wordpress
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Don't override the $current_user global in get_currentuserinfo() on an XML-RPC request

Browse Source 
if it's non-empty. Fixes capabilities checks for XML-RPC requests. See #20372.


git-svn-id: https://develop.svn.wordpress.org/trunk@20424 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Jon Cave 2012-04-10 16:19:53 +00:00
parent 27592057cd
commit c3a7874f33
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
wp-includes/pluggable.php
View File

@ -74,11 +74,6 @@ if ( !function_exists('get_currentuserinfo') ) :
function get_currentuserinfo() {
global $current_user;
if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST ) {
wp_set_current_user( 0 );
return false;
}
if ( ! empty( $current_user ) ) {
if ( $current_user instanceof WP_User )
return;
@ -97,6 +92,11 @@ function get_currentuserinfo() {
return false;
}
if ( defined('XMLRPC_REQUEST') && XMLRPC_REQUEST ) {
wp_set_current_user( 0 );
return false;
}
if ( ! $user = wp_validate_auth_cookie() ) {
if ( is_blog_admin() || is_network_admin() || empty( $_COOKIE[LOGGED_IN_COOKIE] ) || !$user = wp_validate_auth_cookie( $_COOKIE[LOGGED_IN_COOKIE], 'logged_in' ) ) {
wp_set_current_user( 0 );